0

Say I have a banking app (I am not developing a banking app, however I believe it gets my point across as it is used in a lot of Event Sourcing examples), which generates the following messages:

1) Apply £110 withdrawal to account A
2) Apply £70 credit to account A
3) Apply £99 withdrawal to account A
4) Apply £42 withdrawal to account A

Say that account A does not have an overdraft. Now say that the third message fails because of an error specific to that message only e.g. serialization error. In this scenario message 3 is added to the NServiceBus error queue.

The way I understand it is that a tool like Service Pulse is used by an Administrator to process the error queue in isolation. Say it takes two hours for the administrator to process the error and within that time the forth transaction is complete. Does that not mean the forth transaction is processed before the third transaction and the account could go into the overdraft?

I have completed an online course for NServiceBus and I am still not clear on this. I have also looked at similar questions here for example: In CQRS how to work with NServiceBus to update Command and Query store

w0051977
  • 15,099
  • 32
  • 152
  • 329
  • Each transaction is independent. And order of messages should not be assumed. You're talking about ledger here. I would assume that as long as failed operation is retried and applied, it would not matter if #4 executed before or after #3. – Sean Feldman May 22 '18 at 17:38
  • @Sean Feldman, what happens if there is an overdraft? Thanks. – w0051977 May 22 '18 at 17:52
  • Have a feeling overdraft is not calculated on a few hours, but a longer period of insufficient funds. I would first seek to anderstand how overdraft is working. – Sean Feldman May 22 '18 at 18:30
  • @Sean Feldman, how would you stop someone going into their overdraft? I guess banks don't stop you - they just charge you if you go into the overdraft. Is that right? – w0051977 May 22 '18 at 18:45
  • I'm not dealing with banking systems to know how exactly that works. I'm sure there's more to this than just one edge case you're listing. For example, what happens when there's no connectivity between ATMs/branches? If I would need to build a solution in the banking domain, I would try to understand as much as possible what the already excisting rules in place. – Sean Feldman May 22 '18 at 18:54
  • In general, the order of messages should not be assumed. There are other reasons that could cause messages being delivered out of order (with failed/retried messages being one of them). As Sean says, you will need to understand the business rules to find out compensations you can make, e.g. when they go into overdraft due to a message being retried. – Hadi Eskandari May 22 '18 at 23:44
  • @Hadi Eskandari, could you provide an example of "compebsations" from any domain I.e. not necessarily banking. Thanks. – w0051977 May 23 '18 at 06:08
  • @w0051977 e.g. message 3 fails, customer is charged overdraft fees, message 3 gets retried and as a compensation policy, you undo/rollback/compensate the overdraft fees. See if this helps? http://microservices.io/patterns/data/saga.html – Hadi Eskandari May 31 '18 at 01:07

1 Answers1

0

This is a good question. The system that is the source of these events is authoritative on the balance. The banking 'core' is a more traditional ledger with 2 phase commit (and most I've seen anyway have a nightly cycle process that determines if you're overdrawn). This core system could publish information transactions and other things that you could transform into NServiceBus. With this you could do all sorts of useful stuff like send text alerts, inform another system of this activity, subscribe a fraud early warning system, subscribe a rewards platform to accrue reward points etc.

The order of the events could get out of whack because of errors just as you say. That is a reality of asynch messaging and store and forward. Each receiving system would have to contend with that reality. You can re-order them in the destination through the time stamp if there is one but you cannot be sure you have them all at any given time.

With regard to an overdrawn condition, the best way to consider that is to source that as a separate event from the authoritative core. It's the only system that knows and could push an 'Account overdrawn' sort of event that itself could trigger a notice, a fee, a note to the branch manager...

Joe
  • 61
  • 1